Bonjour à tous. Depuis quelques jours j'ai des problèmes de pubs et j'ai le processeur qui tourne à fond. J'ai donc fait un scan avec Hijackthis et le voilà :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:09:36, on 31/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avast\Avast4\aswUpdSv.exe
C:\Program Files\Avast\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\PROGRA~1\Avast\Avast4\ashDisp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Avast\Avast4\ashMaiSv.exe
C:\Program Files\Avast\Avast4\ashWebSv.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [close surf mail dupe] C:\Documents and Settings\All Users\Application Data\Tick Find Close Surf\Build active.exe
O4 - HKLM\..\Run: [iKnowPS] C:\Program Files\iKnowPS\iKnowPS.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Find vga] C:\DOCUME~1\CLINE~1\APPLIC~1\OWNSFO~1\barb drive.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Pavilion Webcam Tray Icon.lnk = ?
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast\Avast4\ashWebSv.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 8901 bytes
Merci beaucoup pour votre aide
Bonjour,
Télécharge Lop S&D.exe sur ton Bureau.
- Double-clique dessus pour lancer l'installation
- Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
- Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
- Patiente jusqu'à la fin du scan
- Poste le rapport généré (C:\lopR.txt)
(Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
Répondre à Angeldark
bonjour, voilà le raport que j'ai fait avec le logiciel :
-----------------------------[ Lop S&D 2.2.3 ]---------------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : C‚line ] [ "C:\Program Files\Lop SD" ]
[ 02/02/2008 | 18:11:44,64 ] [ PC : MARKOVIC ]
[ MAJ : 02-02-2008 | 16:20 ]
-------------[ Listing des dossiers dans Application Data ]------------
[07/01/2008|23:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[07/01/2008|23:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[06/12/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[24/12/2007|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[24/12/2007|18:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[06/12/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[10/05/2006|07:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[23/12/2007|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[07/01/2008|23:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[06/12/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[07/01/2008|23:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
[07/01/2008|23:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HPSSUPPLY
[23/01/2008|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[06/12/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[28/12/2007|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[19/09/2006|15:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[06/12/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[06/12/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[08/01/2008|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[22/12/2007|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[17/01/2008|15:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf
[07/01/2008|23:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
[22/12/2007|15:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[17/01/2008|17:41] C:\DOCUME~1\CLINE~1\APPLIC~1\.
[17/01/2008|17:41] C:\DOCUME~1\CLINE~1\APPLIC~1\..
[22/12/2007|16:01] C:\DOCUME~1\CLINE~1\APPLIC~1\Adobe
[26/01/2008|18:56] C:\DOCUME~1\CLINE~1\APPLIC~1\AdobeUM
[08/01/2008|17:50] C:\DOCUME~1\CLINE~1\APPLIC~1\Apple Computer
[02/01/2008|22:05] C:\DOCUME~1\CLINE~1\APPLIC~1\CyberLink
[10/05/2006|07:16] C:\DOCUME~1\CLINE~1\APPLIC~1\desktop.ini
[30/12/2007|20:27] C:\DOCUME~1\CLINE~1\APPLIC~1\Hewlett-Packard
[09/01/2008|22:08] C:\DOCUME~1\CLINE~1\APPLIC~1\HP
[07/01/2008|23:06] C:\DOCUME~1\CLINE~1\APPLIC~1\HPAppData
[06/12/2007|18:11] C:\DOCUME~1\CLINE~1\APPLIC~1\Identities
[31/12/2007|10:29] C:\DOCUME~1\CLINE~1\APPLIC~1\InstallShield
[22/12/2007|09:57] C:\DOCUME~1\CLINE~1\APPLIC~1\Macromedia
[09/01/2008|21:39] C:\DOCUME~1\CLINE~1\APPLIC~1\Microsoft
[19/12/2007|17:22] C:\DOCUME~1\CLINE~1\APPLIC~1\Microsoft Web Folders
[22/12/2007|13:29] C:\DOCUME~1\CLINE~1\APPLIC~1\Mozilla
[22/12/2007|20:37] C:\DOCUME~1\CLINE~1\APPLIC~1\MSNInstaller
[31/01/2008|20:01] C:\DOCUME~1\CLINE~1\APPLIC~1\OwnsForFilm
[31/12/2007|10:33] C:\DOCUME~1\CLINE~1\APPLIC~1\Panasonic
[02/01/2008|22:15] C:\DOCUME~1\CLINE~1\APPLIC~1\Real
[17/01/2008|17:41] C:\DOCUME~1\CLINE~1\APPLIC~1\Sun
[14/01/2008|18:04] C:\DOCUME~1\CLINE~1\APPLIC~1\U3
[06/12/2007|18:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[06/12/2007|18:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[10/05/2006|07:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[06/12/2007|18:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[06/12/2007|18:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[06/12/2007|18:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[06/12/2007|18:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[06/12/2007|18:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[06/12/2007|18:11] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[06/12/2007|18:11] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[23/12/2007|14:04] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[01/02/2008 22:00][--ah-----] C:\WINDOWS\tasks\AC2F105491848328.job [--274--]
[24/12/2007 18:56][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [--284--]
[02/02/2008 17:41][--ah-----] C:\WINDOWS\tasks\SA.DAT [--6--]
[05/08/2004 22:00][-rah-----] C:\WINDOWS\tasks\desktop.ini [--65--]
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[02/02/2008|18:11] C:\Program Files\Lop SD
[02/02/2008|18:11] C:\Program Files\..
[02/02/2008|18:11] C:\Program Files\.
[02/02/2008|18:05] C:\Program Files\Mozilla Firefox
[31/01/2008|22:09] C:\Program Files\Trend Micro
[31/01/2008|22:03] C:\Program Files\iKnowPS
[23/01/2008|23:00] C:\Program Files\Fichiers communs
[17/01/2008|15:32] C:\Program Files\OwnsForFilm
[08/01/2008|17:44] C:\Program Files\Spybot - Search & Destroy
[07/01/2008|23:06] C:\Program Files\Hewlett-Packard
[07/01/2008|23:06] C:\Program Files\HP
[02/01/2008|22:13] C:\Program Files\Real
[31/12/2007|10:30] C:\Program Files\Panasonic
[31/12/2007|10:30] C:\Program Files\InstallShield Installation Information
[25/12/2007|12:23] C:\Program Files\Outlook Express
[25/12/2007|12:20] C:\Program Files\Internet Explorer
[24/12/2007|18:57] C:\Program Files\iTunes
[24/12/2007|18:57] C:\Program Files\iPod
[24/12/2007|18:57] C:\Program Files\QuickTime
[24/12/2007|18:56] C:\Program Files\Apple Software Update
[24/12/2007|15:06] C:\Program Files\EBP
[23/12/2007|14:03] C:\Program Files\MSXML 4.0
[22/12/2007|20:37] C:\Program Files\MSN
[22/12/2007|20:30] C:\Program Files\MSN Messenger
[22/12/2007|16:28] C:\Program Files\Avast
[22/12/2007|15:50] C:\Program Files\PDFCreator
[22/12/2007|15:50] C:\Program Files\PDFCreator Toolbar
[22/12/2007|15:37] C:\Program Files\WinZip
[19/12/2007|17:23] C:\Program Files\Microsoft Office
[19/12/2007|17:22] C:\Program Files\microsoft frontpage
[06/12/2007|18:16] C:\Program Files\xerox
[06/12/2007|18:16] C:\Program Files\Windows NT
[06/12/2007|18:16] C:\Program Files\Windows Media Player
[06/12/2007|18:16] C:\Program Files\Windows Media Connect 2
[06/12/2007|18:16] C:\Program Files\Synaptics
[06/12/2007|18:16] C:\Program Files\Sonic
[06/12/2007|18:15] C:\Program Files\Services en ligne
[06/12/2007|18:15] C:\Program Files\Online Services
[06/12/2007|18:15] C:\Program Files\NetWaiting
[06/12/2007|18:15] C:\Program Files\NetMeeting
[06/12/2007|18:15] C:\Program Files\MSN Gaming Zone
[06/12/2007|18:15] C:\Program Files\Movie Maker
[06/12/2007|18:15] C:\Program Files\Microsoft Works
[06/12/2007|18:14] C:\Program Files\Messenger
[06/12/2007|18:14] C:\Program Files\Java
[06/12/2007|18:13] C:\Program Files\Google
[06/12/2007|18:12] C:\Program Files\DIFX
[06/12/2007|18:12] C:\Program Files\CONEXANT
[06/12/2007|18:12] C:\Program Files\Adobe
[06/12/2007|09:30] C:\Program Files\HPQ
[19/09/2006|23:48] C:\Program Files\WindowsUpdate
[19/09/2006|23:48] C:\Program Files\Uninstall Information
[19/09/2006|23:48] C:\Program Files\ComPlus Applications
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[23/01/2008|23:00] C:\Program Files\Fichiers communs\..
[23/01/2008|23:00] C:\Program Files\Fichiers communs\.
[02/01/2008|22:13] C:\Program Files\Fichiers communs\xing shared
[02/01/2008|22:13] C:\Program Files\Fichiers communs\Real
[30/12/2007|15:24] C:\Program Files\Fichiers communs\Microsoft Shared
[30/12/2007|14:10] C:\Program Files\Fichiers communs\Hewlett-Packard
[25/12/2007|12:23] C:\Program Files\Fichiers communs\System
[24/12/2007|18:56] C:\Program Files\Fichiers communs\Apple
[22/12/2007|16:26] C:\Program Files\Fichiers communs\Symantec Shared
[22/12/2007|16:01] C:\Program Files\Fichiers communs\Adobe
[19/12/2007|17:19] C:\Program Files\Fichiers communs\Designer
[06/12/2007|18:13] C:\Program Files\Fichiers communs\TiVo Shared
[06/12/2007|18:13] C:\Program Files\Fichiers communs\SureThing Shared
[06/12/2007|18:13] C:\Program Files\Fichiers communs\SpeechEngines
[06/12/2007|18:13] C:\Program Files\Fichiers communs\Sonic Shared
[06/12/2007|18:13] C:\Program Files\Fichiers communs\Services
[06/12/2007|18:13] C:\Program Files\Fichiers communs\ODBC
[06/12/2007|18:13] C:\Program Files\Fichiers communs\MSSoap
[06/12/2007|18:13] C:\Program Files\Fichiers communs\LightScribe
[06/12/2007|18:12] C:\Program Files\Fichiers communs\Java
[06/12/2007|18:12] C:\Program Files\Fichiers communs\InstallShield
[06/12/2007|18:12] C:\Program Files\Fichiers communs\HP
----------------------[ Recherche avec S_Lop ]---------------------
C:\Documents and Settings\C‚line\Local Settings\Temp\bis37.exe
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf\Build active.exe
C:\WINDOWS\Tasks\AC2F105491848328.job
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"close surf mail dupe"="C:\\Documents and Settings\\All Users\\Application Data\\Tick Find Close Surf\\Build active.exe"
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
127.0.0.1 localhost
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 www.drivecleaner.com ## added by CiD
127.0.0.1 www.errorprotector.com ## added by CiD
127.0.0.1 www.errorsafe.com ## added by CiD
127.0.0.1 www.systemdoctor.com ## added by CiD
127.0.0.1 www.utils.winfixer.com ## added by CiD
127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
127.0.0.1 www.win-virus-pro.com ## added by CiD
127.0.0.1 www.winantispam.com ## added by CiD
127.0.0.1 www.winantispy.com ## added by CiD
127.0.0.1 www.winantispyware.com ## added by CiD
127.0.0.1 www.winantivirus.com ## added by CiD
127.0.0.1 www.winantiviruspro.com ## added by CiD
127.0.0.1 www.windrivecleaner.com ## added by CiD
127.0.0.1 www.windrivesafe.com ## added by CiD
127.0.0.1 www.winfixer.com ## added by CiD
127.0.0.1 www.winfixer2006.com ## added by CiD
127.0.0.1 www.winsoftware.com ## added by CiD
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-02 18:13:00
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:1283][Doss:38] C:\DOCUME~1\CLINE~1\LOCALS~1\Temp
/!\ [Fich:114][Doss:0] C:\DOCUME~1\CLINE~1\Cookies
/!\ [Fich:8268][Doss:8] C:\DOCUME~1\CLINE~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 18:13:11,79 ]----------------------
v
Merci
Re,
Relance Lop S&D
- Choisis cette fois ci l'Option 2 (Suppression)
- Ne ferme pas la fenêtre lors de la suppression !
- Poste le rapport généré (C:\lopR.txt)
(Si le Bureau ne réapparît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
Répondre à Angeldark
Voilà le rapport de suppression :
-----------------------------[ Lop S&D 2.2.3 ]---------------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : C‚line ] [ "C:\Program Files\Lop SD" ]
[ 02/02/2008 | 19:15:56,59 ] [ PC : MARKOVIC ]
[ MAJ : 02-02-2008 | 16:20 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Echec ! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf\Build active.exe
Supprimé! - C:\WINDOWS\Tasks\AC2F105491848328.job
Supprimé! - C:\Documents and Settings\C‚line\Local Settings\Temp\bis37.exe
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[02/02/2008|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[02/02/2008|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[06/12/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[24/12/2007|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[24/12/2007|18:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[06/12/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[10/05/2006|07:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[23/12/2007|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[07/01/2008|23:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[06/12/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[07/01/2008|23:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
[07/01/2008|23:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HPSSUPPLY
[23/01/2008|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[06/12/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[28/12/2007|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[19/09/2006|15:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[06/12/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[06/12/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[08/01/2008|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[22/12/2007|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[07/01/2008|23:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
[22/12/2007|15:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[17/01/2008|17:41] C:\DOCUME~1\CLINE~1\APPLIC~1\.
[17/01/2008|17:41] C:\DOCUME~1\CLINE~1\APPLIC~1\..
[22/12/2007|16:01] C:\DOCUME~1\CLINE~1\APPLIC~1\Adobe
[26/01/2008|18:56] C:\DOCUME~1\CLINE~1\APPLIC~1\AdobeUM
[08/01/2008|17:50] C:\DOCUME~1\CLINE~1\APPLIC~1\Apple Computer
[02/01/2008|22:05] C:\DOCUME~1\CLINE~1\APPLIC~1\CyberLink
[10/05/2006|07:16] C:\DOCUME~1\CLINE~1\APPLIC~1\desktop.ini
[30/12/2007|20:27] C:\DOCUME~1\CLINE~1\APPLIC~1\Hewlett-Packard
[09/01/2008|22:08] C:\DOCUME~1\CLINE~1\APPLIC~1\HP
[07/01/2008|23:06] C:\DOCUME~1\CLINE~1\APPLIC~1\HPAppData
[06/12/2007|18:11] C:\DOCUME~1\CLINE~1\APPLIC~1\Identities
[31/12/2007|10:29] C:\DOCUME~1\CLINE~1\APPLIC~1\InstallShield
[22/12/2007|09:57] C:\DOCUME~1\CLINE~1\APPLIC~1\Macromedia
[09/01/2008|21:39] C:\DOCUME~1\CLINE~1\APPLIC~1\Microsoft
[19/12/2007|17:22] C:\DOCUME~1\CLINE~1\APPLIC~1\Microsoft Web Folders
[22/12/2007|13:29] C:\DOCUME~1\CLINE~1\APPLIC~1\Mozilla
[22/12/2007|20:37] C:\DOCUME~1\CLINE~1\APPLIC~1\MSNInstaller
[31/01/2008|20:01] C:\DOCUME~1\CLINE~1\APPLIC~1\OwnsForFilm
[31/12/2007|10:33] C:\DOCUME~1\CLINE~1\APPLIC~1\Panasonic
[02/01/2008|22:15] C:\DOCUME~1\CLINE~1\APPLIC~1\Real
[17/01/2008|17:41] C:\DOCUME~1\CLINE~1\APPLIC~1\Sun
[14/01/2008|18:04] C:\DOCUME~1\CLINE~1\APPLIC~1\U3
[06/12/2007|18:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[06/12/2007|18:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[10/05/2006|07:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[06/12/2007|18:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[06/12/2007|18:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[06/12/2007|18:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[06/12/2007|18:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[06/12/2007|18:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[06/12/2007|18:11] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[06/12/2007|18:11] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[23/12/2007|14:04] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[24/12/2007 18:56][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [--284--]
[02/02/2008 17:41][--ah-----] C:\WINDOWS\tasks\SA.DAT [--6--]
[05/08/2004 22:00][-rah-----] C:\WINDOWS\tasks\desktop.ini [--65--]
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[02/02/2008|19:17] C:\Program Files\Lop SD
[02/02/2008|19:15] C:\Program Files\Mozilla Firefox
[02/02/2008|18:11] C:\Program Files\.
[02/02/2008|18:11] C:\Program Files\..
[31/01/2008|22:09] C:\Program Files\Trend Micro
[31/01/2008|22:03] C:\Program Files\iKnowPS
[23/01/2008|23:00] C:\Program Files\Fichiers communs
[17/01/2008|15:32] C:\Program Files\OwnsForFilm
[08/01/2008|17:44] C:\Program Files\Spybot - Search & Destroy
[07/01/2008|23:06] C:\Program Files\Hewlett-Packard
[07/01/2008|23:06] C:\Program Files\HP
[02/01/2008|22:13] C:\Program Files\Real
[31/12/2007|10:30] C:\Program Files\Panasonic
[31/12/2007|10:30] C:\Program Files\InstallShield Installation Information
[25/12/2007|12:23] C:\Program Files\Outlook Express
[25/12/2007|12:20] C:\Program Files\Internet Explorer
[24/12/2007|18:57] C:\Program Files\iTunes
[24/12/2007|18:57] C:\Program Files\iPod
[24/12/2007|18:57] C:\Program Files\QuickTime
[24/12/2007|18:56] C:\Program Files\Apple Software Update
[24/12/2007|15:06] C:\Program Files\EBP
[23/12/2007|14:03] C:\Program Files\MSXML 4.0
[22/12/2007|20:37] C:\Program Files\MSN
[22/12/2007|20:30] C:\Program Files\MSN Messenger
[22/12/2007|16:28] C:\Program Files\Avast
[22/12/2007|15:50] C:\Program Files\PDFCreator
[22/12/2007|15:50] C:\Program Files\PDFCreator Toolbar
[22/12/2007|15:37] C:\Program Files\WinZip
[19/12/2007|17:23] C:\Program Files\Microsoft Office
[19/12/2007|17:22] C:\Program Files\microsoft frontpage
[06/12/2007|18:16] C:\Program Files\xerox
[06/12/2007|18:16] C:\Program Files\Windows NT
[06/12/2007|18:16] C:\Program Files\Windows Media Player
[06/12/2007|18:16] C:\Program Files\Windows Media Connect 2
[06/12/2007|18:16] C:\Program Files\Synaptics
[06/12/2007|18:16] C:\Program Files\Sonic
[06/12/2007|18:15] C:\Program Files\Services en ligne
[06/12/2007|18:15] C:\Program Files\Online Services
[06/12/2007|18:15] C:\Program Files\NetWaiting
[06/12/2007|18:15] C:\Program Files\NetMeeting
[06/12/2007|18:15] C:\Program Files\MSN Gaming Zone
[06/12/2007|18:15] C:\Program Files\Movie Maker
[06/12/2007|18:15] C:\Program Files\Microsoft Works
[06/12/2007|18:14] C:\Program Files\Messenger
[06/12/2007|18:14] C:\Program Files\Java
[06/12/2007|18:13] C:\Program Files\Google
[06/12/2007|18:12] C:\Program Files\DIFX
[06/12/2007|18:12] C:\Program Files\CONEXANT
[06/12/2007|18:12] C:\Program Files\Adobe
[06/12/2007|09:30] C:\Program Files\HPQ
[19/09/2006|23:48] C:\Program Files\WindowsUpdate
[19/09/2006|23:48] C:\Program Files\Uninstall Information
[19/09/2006|23:48] C:\Program Files\ComPlus Applications
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[23/01/2008|23:00] C:\Program Files\Fichiers communs\..
[23/01/2008|23:00] C:\Program Files\Fichiers communs\.
[02/01/2008|22:13] C:\Program Files\Fichiers communs\xing shared
[02/01/2008|22:13] C:\Program Files\Fichiers communs\Real
[30/12/2007|15:24] C:\Program Files\Fichiers communs\Microsoft Shared
[30/12/2007|14:10] C:\Program Files\Fichiers communs\Hewlett-Packard
[25/12/2007|12:23] C:\Program Files\Fichiers communs\System
[24/12/2007|18:56] C:\Program Files\Fichiers communs\Apple
[22/12/2007|16:26] C:\Program Files\Fichiers communs\Symantec Shared
[22/12/2007|16:01] C:\Program Files\Fichiers communs\Adobe
[19/12/2007|17:19] C:\Program Files\Fichiers communs\Designer
[06/12/2007|18:13] C:\Program Files\Fichiers communs\TiVo Shared
[06/12/2007|18:13] C:\Program Files\Fichiers communs\SureThing Shared
[06/12/2007|18:13] C:\Program Files\Fichiers communs\SpeechEngines
[06/12/2007|18:13] C:\Program Files\Fichiers communs\Sonic Shared
[06/12/2007|18:13] C:\Program Files\Fichiers communs\Services
[06/12/2007|18:13] C:\Program Files\Fichiers communs\ODBC
[06/12/2007|18:13] C:\Program Files\Fichiers communs\MSSoap
[06/12/2007|18:13] C:\Program Files\Fichiers communs\LightScribe
[06/12/2007|18:12] C:\Program Files\Fichiers communs\Java
[06/12/2007|18:12] C:\Program Files\Fichiers communs\InstallShield
[06/12/2007|18:12] C:\Program Files\Fichiers communs\HP
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-02 19:18:39
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:1279][Doss:38] C:\DOCUME~1\CLINE~1\LOCALS~1\Temp
/!\ [Fich:117][Doss:0] C:\DOCUME~1\CLINE~1\Cookies
/!\ [Fich:8311][Doss:8] C:\DOCUME~1\CLINE~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 19:18:50,18 ]----------------------
Mais est-ce que c'est normal que avast s'alerte à chaque fois que je fais tourner le logiciel ?
Reposte un rapport Hijackthis.
Répondre à Angeldark
Voilà le nouveau rapport :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:34:30, on 05/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avast\Avast4\aswUpdSv.exe
C:\Program Files\Avast\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\PROGRA~1\Avast\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Avast\Avast4\ashMaiSv.exe
C:\Program Files\Avast\Avast4\ashWebSv.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [iKnowPS] C:\Program Files\iKnowPS\iKnowPS.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Find vga] C:\DOCUME~1\CLINE~1\APPLIC~1\OWNSFO~1\barb drive.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Pavilion Webcam Tray Icon.lnk = ?
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast\Avast4\ashWebSv.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 8689 bytes
Re,
Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
|
Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
Sélectionne tous les emplacements dans le cadre ci-dessous :
C:\DOCUME~1\CLINE~1\APPLIC~1\OwnsForFilm
|
---> Clique-droit puis Copier (ou Ctrl+C)
Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
Clique maintenant sur MoveIt!
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
->Informations sur le logiciel<-
Répondre à Angeldark
Il y a 2124 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
